Why we made this change

Visitors are allowed 3 free articles per month (without a subscription), and private browsing prevents us from counting how many stories you've read. We hope you understand, and consider subscribing for unlimited online access.

Dot What?

Seven new Internet domain names now offer more cyber real estate. But is anyone buying?

Expect to see some unfamiliar syllables after the dot on the Internet this spring. Besides the .com, .net, .org, .edu, .mil and .gov the world has come to know, seven newcomers are about to enter the fray: .aero, .biz, .coop, .info, .museum, .name and .pro. These additions to the list of so-called top-level domains were approved last November by the Internet Corporation for Assigned Names and Numbers, or ICANN-the closest thing the Internet has to a government. This organization’s stated purpose in creating fresh cyber real estate was to open opportunities on the Internet for business and noncommercial use alike. But despite the good intentions behind them, the new dots are likely to remain a footnote in the Internet’s evolution.

Domain names were not part of the original Internet design. They were, rather, an afterthought-created as a techno-fix to a pressing problem by engineers who didn’t foresee the long-term implications of their actions. But now, domain names are vital because Web browsers use them as the basis of all navigation. Want to jump to the home page for the White House? Just type the domain name “whitehouse.gov” and off you go. Domain names are the coin of the cyber realm; stories abound of companies trying to buy their domains from so-called cyber squatters, and of large organizations trying to shut down small Web sites because of similar-sounding names.

But the Internet’s underlying structure doesn’t really use long-winded names to move data about; it uses a compact numbering system. “Whitehouse.gov,” for instance, is a human-friendly representation of the address 198.137.240.92. The job of translating the domain names that people type into their browsers into the Internet addresses that the network actually uses falls to an entity called, logically enough, the Domain Name System, or DNS.

The original Internet had no such system. Instead, the addresses for every computer on the Net were kept in a single “hosts” file on a computer at the Stanford Research Institute in northern California. If you had a computer on the Internet, and wanted to maintain an up-to-date version of what else was out there, it was your responsibility to download this file regularly. You can think of the hosts file as the Internet’s first white pages.By 1982, the Internet was growing so rapidly that nobody had a current copy of the hosts file. But there was another problem as well: sometimes more than one computer in the file had the same name. A friend of mine named Martha Rose, for instance, had the mail account “mrose” on the computer “Eddie” at MIT; Martha was forever receiving e-mail for Marshall Rose, who had the same account on a computer named Eddie at the University of Washington. Both computers were in the hosts file under the same name.

The Domain Name System was supposed to solve both of these problems because it is not a single file, but rather a series of files in a database distributed across many computers on the Net. Computers at MIT called name servers hold the Internet directory for MIT; similar servers at the University of Washington hold its directory. The distributed database worked spectacularly well-so well, in fact, that it has not been significantly upgraded in more than 15 years.

The system was also supposed to put an end to naming conflicts of the sort that vexed my friend Martha. The Internet’s engineers created the .edu domain for universities, under which each university would have its own unique sub-domain. Martha’s e-mail address became mrose@eddie.mit.edu; Marshall’s became mrose@eddie.washington.edu. Likewise, the engineers created the top-level domains .com, .gov, .mil, .net and .org. Because of the U.S.-centric nature of these domains, the system soon expanded to include more than 200 additional top-level domains, one for each country.

Trying to be fair, the engineers creating the Internet handed out domains on a first-come, first-serve basis. The University of Washington in Seattle grabbed the domain “washington.edu,” forcing Washington University in St. Louis to settle for “wustl.edu.” Washington University was good natured about this at the time, but it soon became evident that the Domain Name System was playing by a different set of rules than the offline world.

That distinction stems naturally from the nature of the technology. In the offline world it’s possible to have two companies with the same name. But online, every domain name must be unique. Internet domain names are in fact much more like addresses than names. There can be many organizations with the initials MIT, but there can only be one 77 Massachusetts Avenue in Cambridge, MA.

The existence of just one .com domain created an artificial scarcity. Today you can take nearly any word in the dictionary or any common name, add “.com,” and you’ll find that the domain is already taken. Also taken are practically every combination of two, three, and four characters. Most of these domains aren’t being used: they are being hoarded by speculators. Want to use the domain “ieverything.com”? It’s yours, for $2,288, from a firm called BuyDomains.com. It is this scarcity that the new domains are meant to curb. And in principle, creating more top-level domains creates more opportunity. “Boston.com” is taken by the Boston Globe, but now Boston’s art museum can buy “boston.museum.” That’s a good thing, isn’t it?

Not necessarily. For one thing, a mere seven new top-level domains won’t make much of a dent in the scarcity problem. Deep-pocketed companies and domain-name speculators will have no trouble buying up Internet addresses in all seven new domains. Then there’s the problem of who gets dibs on these names. For instance, should “boston.museum” be reserved for the Museum of Fine Arts, Boston (currently at mfa.org), the Boston Historical Society and Museum (currently at bostonhistory.org), or for some Web-based museum of Boston history that hasn’t been created yet?

Many people think that tens of thousands of new domains would end domain-name speculation: it would be prohibitively expensive for the speculators to buy up every word in the English language in every new top-level domain. There are no technical or logistical barriers to creating such a multiplicity of domains, insists Karl Auerbach. An old-time Internet expert, Auerbach was tapped for the names and numbering organization’s board of directors last year in what was widely hailed as the Internet’s first worldwide election. Auerbach says he set up a demonstration system several years ago that had more than six million top-level domains. The system worked, he says, and showed no loss of speed due to the multiplicity of domains.

Also being criticized is the way that the new domain registrars were chosen. Auerbach advocated giving domains away in a lottery. Others suggested auctioning them off the way the Federal Communications Commission allocates broadcasting frequencies. Instead, organizations that wanted to create top-level domains had to pony up a $50,000 application fee and submit a business plan explaining their planned use of the domain. Some domains were rejected because the names and numbering folks didn’t like the plans. “I don’t understand why they are interfering with the business models of these organizations,” says Michael Froomkin, a professor at the University of Miami School of Law who has written extensively about Internet policy.

I predict that these new top-level domains will remain a novelty, just the way the .to, .tv, .md and .cc domains have been. These belong to small countries (Tonga, Tuvalu and Moldova) and an Australian territory (Cocos Islands) that have decided to open up their name servers to any person or company wishing to make the purchase. But despite massive publicity campaigns (often conducted through e-mail spam), these domains have failed to catch on.

The fact is, people in the United States are comfortable with the .com domain, just the way people in England are comfortable with .co.uk. Instead of searching for new top-level domains, businesses are living with the shortage of names, and making do. Meanwhile, when a new company is named, or when an existing company is renamed-something that seems to be happening a lot-the availability of a dot-com address is a central part of the process. We are changing the way that we do business, and the way we think, in order to deal with the limitations of the computer systems that we have created.

Companies will probably continue to struggle with the artificial scarcity of the .com. They will keep coming up with unique domain names, by coining new words and obscure combinations of letters and numbers. It will be easier to do that than to teach consumers to type “.biz.”

Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.

Share

Simson L. Garfinkel is a computer security research scientist whose interests include digital forensics, security, personal information management, privacy, and terrorism. He holds six U.S. patents for his computer-related research, has published… More dozens of journal and conference papers in security and computer forensics, is the author or co-author of 14 books, and has started five companies.

You've read
of three
free articles this month.
Subscribe now for unlimited online access.
You've read
of three
free articles this month.
Subscribe now for unlimited online access.
This is your last free article this month.
Subscribe now for unlimited online access.
You've read all your free articles this month.
Subscribe now for unlimited online access.
You've read
of three
free articles this month.
Log in for more, or subscribe now for unlimited online access.
Log in for two more free articles, or subscribe now
for unlimited online access.